Saturday, February 15, 2014

I Almost Made A New Friend

This morning I got a phone call from someone who sounded like he was from India and in a room of other guys who sounded like they were from India telling me he was with the Windows Technical Department.

We had a nice long conversation.

This is a cold-call scam in which the caller tries to convince the target, me, that my computer has been infected with all sorts of malware, which is threatening to divulge my personal information.

Here's how he tried to establish his credibility. He walked me through opening the Run command box and typing in the command "assoc".

Of course, this took 20 minutes because I repeated things back incorrectly, interrupted with a question or comment about all the background noise whenever he started to talk, misunderstood the simplest instructions, and did what I think was a successful job of making this a most frustrating experience for the scammer.

Back to establishing credibility.

The "assoc" command simply lists the file associations on the Windows computer. They all go scrolling by and one of the last entries is this:

.ZFSendToTarget=CLSID{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}

This entry is identical on every Windows PC, so it says nothing about any particular machine. He was trying to make me believe he was on the up and up by reading the CLSID number to me and having me verify that it matched the one on my computer. Hence, according to him, my computer was infected and needed to be cleaned up.

It took five minutes of him rattling off characters and me interrupting:

"You said O. Mine looks like a zero? Are you sure that matches?"

"Wait, this one kind of looks like an O, but you said zero."

"I couldn't understand you because there's a lot of noise in the background."

"Mine has a bunch of dashes in between. You didn't say any of the dashes."

"Mine has a D there and it sounded like you said B. Oh, that's a D? Okay, that was 888..."

"Was that an F or an S? It sounded like S. How many S's are supposed to be there?"

And me repeating each of the above statements and talking over him each time he tried to respond.

He finally got fed up and told me to hang on while he transferred me to a senior technical advisor. I had enough fun for the morning and hung up.

I should have explained that. They convince you to either allow them to remotely connect to your computer where they can install some software or have you download some software from a web site that they claim will clean your computer. The software is what's known as ransomware. It takes over your computer and you have to pay to have it removed.